On Thursday 11 October 2007 20:55:51 Dan White wrote:
Buchan,
You may want to investigate pwdutils:
http://www.thkukuk.de/pam/pwdutils/
The website it a little dated, but the software appears to be more actively maintained at:
ftp://ftp.us.kernel.org/pub/linux/utils/net/NIS
I don't see anything in the current version that would alleviate my problems.
Maybe I was not clear enough. I am not looking for a tool to just change an LDAP password (I use ldappasswd for that currently, and it changes Samba passwords too via the smbk5passwd overlay) or provision accounts to LDAP etc. . I am looking for a solution to ensure that, whichever mechanisms I decide to allow for password changes (e.g. LDAP password change exop), all aspects related to the use of that password are updated consistently, for use via simple binds, authentication via Samba/NTLM/MSCHAPv2, and Kerberos. At present I see no means to accomplish this (at most you can get 2/3).
pwdutils seems mostly to be similar in function to what I am currently using smbldap-tools for (but this function will probably be moved to some in-house software).
Regards, Buchan